Engineering Glossary

From fundamental principles to cutting-edge practices, this glossary covers the full spectrum of software engineering terminology.

DevOps
Cloud Computing
Git
Containerization & Orchestration

Docker Container

A lightweight, portable unit that packages an application and its dependencies, allowing it to run consistently across different environments.
DevOps

Docker Log Management

Process of collecting, storing, and analyzing logs generated by Docker containers.
DevOps

Dokku

Mini-Heroku powered by Docker, helping developers quickly deploy their applications.
DevOps

Domain Drive Design (DDD)

Software design approach focusing on modeling software to match a domain according to input from domain experts.
DevOps

Drone

Cloud-native continuous integration and delivery platform that uses a simple YAML configuration file to define and execute pipelines.
DevOps

Dynamic Application Security Testing (DAST)

Security testing methodology that analyzes a running application to find vulnerabilities.
DevOps

Dynamic Infrastructure

IT infrastructure that can be programmatically allocated and managed, often associated with cloud computing and Infrastructure as Code.
DevOps

Dynatrace

Platform for application performance management, AI operations, cloud infrastructure monitoring, and digital experience management.
DevOps

EC2

Amazon Elastic Compute Cloud; web service providing resizable compute capacity in the cloud.
DevOps

EKS

Managed Kubernetes service for easy deployment on AWS without the need to install and operate your own Kubernetes clusters.
DevOps

Edge Computing

Distributed computing paradigm that brings computation and data storage closer to the location where it is needed.
DevOps

ElasticSearch

Distributed, RESTful search and analytics engine capable of addressing a growing number of use cases.
DevOps

Elasticity

Ability of a system to automatically scale up or down based on demand, crucial for efficient resource utilization in cloud environments.
DevOps

Emergent Design

Design approach where the architecture of a system evolves gradually as the system is developed.
DevOps

Enabling Team

Group that helps other teams to deliver software more effectively, often by providing tools and platforms.
DevOps

Encapsulation

Bundling of data with the methods that operate on that data, restricting direct access to some of an object's components.
DevOps

End-to-End Testing (EE Testing)

Methodology used to test whether the flow of an application is performing as designed from start to finish.
DevOps

Endpoint Security

Approach to protecting computer networks that are remotely bridged to client devices.
DevOps

Enterprise Application Integration (EAI)

Use of software and architectural principles to integrate enterprise applications.
DevOps

Enterprise Security

Overarching strategy and implementation of security measures across an entire organization.
DevOps

Environment

Set of conditions under which a piece of software is developed, tested, or run, including hardware, configuration, and other software.
DevOps

Environment Variable

Dynamic-named value that can affect the way running processes will behave on a computer.
DevOps

Environments

Different setups where software can be run, such as development, testing, staging, and production.
DevOps

Envoy

High-performance distributed proxy designed for cloud-native applications, often used as a service mesh component.
DevOps

Ephemeral Environments

Temporary, disposable environments created on-demand for testing or development, ensuring consistency and isolation.
DevOps

Error Budget

Acceptable amount of unplanned downtime or errors a service can experience without consequences.
DevOps

Error Log

Record of error messages generated by a software application or system, crucial for troubleshooting and monitoring.
DevOps

Error Tracking

Process of identifying, recording, and analyzing errors in software applications to improve reliability and user experience.
DevOps

Eucalyptus

Open-source software for building AWS-compatible private and hybrid cloud computing environments.
DevOps

Event Log

Record of events taking place in the execution of a system to provide an audit trail.
DevOps

Event-Driven Architecture (EDA)

Design paradigm in which the flow of the program is determined by events such as user actions, sensor outputs, or messages from other programs.
DevOps

Everything as Code (EaC)

Approach to managing all aspects of IT infrastructure and operations through code.
DevOps

Excessive Data Exposure

Security issue where an API returns more data than necessary, potentially revealing sensitive information.
DevOps

Exploratory Testing

Approach to software testing that emphasizes the tester's freedom and creativity to uncover issues.
DevOps

FAI (Fully Automatic Installer)

Tool for unattended mass installation of Linux systems, streamlining the process of setting up multiple machines.
DevOps

Fabric

Python library and command-line tool for streamlining the use of SSH for application deployment or systems administration tasks.
DevOps

Fail Fast

Design principle promoting immediate reporting of failures to enable quick detection and resolution of issues.
DevOps

Failed Builds

Instances where the compilation or integration process of software fails due to errors.
DevOps

False Positive

Error in evaluation where a condition is mistakenly flagged as true when it is actually false.
DevOps

Fargate

AWS serverless compute engine for containers that works with both Amazon ECS and Amazon EKS.
DevOps

Fault Tolerance

Property that enables a system to continue operating properly in the event of the failure of some of its components.
DevOps

Fear-driven Development

Anti-pattern where developers make decisions based on fear rather than best practices or data.
DevOps

Feature Branching

Practice of creating a separate branch in version control for each feature during development.
DevOps

Feature Flagging

Technique allowing teams to modify system behavior without changing code, enabling gradual rollouts and A/B testing.
DevOps

Feature Flags

Technique in software development that turns certain functionality on and off during runtime, without deploying new code.
DevOps

Feature Management

Practice of using feature flags to control and manage the lifecycle of features in software applications.
DevOps

Feature Toggle

Technique in software development for turning features on or off quickly without changing code.
DevOps

Fig

Tool for defining and running multi-container Docker applications, now replaced by Docker Compose.
DevOps

File Inclusion

Vulnerability that allows an attacker to include a file, usually exploiting dynamic file inclusion mechanisms implemented in the target application.
DevOps

FinDevOps

Application of DevOps principles to financial services, emphasizing security and compliance.
DevOps

FinOps

Practice bringing financial accountability to cloud spending, enabling teams to balance speed, cost, and quality in business decisions.
DevOps

First Input Delay (FID)

Measure of responsiveness that quantifies the experience users feel when trying to interact with unresponsive pages.
DevOps

Five Nines

Discover the gold standard of system reliability: "five nines" uptime. Learn what 99.999% availability means, its importance, and the challenges in achieving this elite DevOps goal.
DevOps

Flaky Test

Test that sometimes passes and sometimes fails without any code changes, often causing frustration in CI/CD pipelines.
DevOps

Flow

The smooth, continuous movement of code from development to production, emphasizing automation, collaboration, and rapid feedback to optimize software delivery.
DevOps

Flow Metrics

Measurements used to understand and optimize the flow of work through a system, crucial in lean and agile methodologies.
DevOps

Flutter

Google's UI toolkit for building natively compiled applications for mobile, web, and desktop from a single codebase.
DevOps

Flynn

Open-source platform designed to simplify deploying and maintaining applications, offering a heroku-like experience using Docker containers.
DevOps

Foreman

Open-source tool for complete lifecycle management of physical and virtual servers, automating repetitive tasks and simplifying provisioning.
DevOps

Four Key Metrics

Set of metrics (lead time, deployment frequency, mean time to restore, change failure rate) used to measure software delivery performance.
DevOps

Four Nines

Explore the concept of "four nines" in system reliability. Learn what 99.99% uptime means, its importance in DevOps, and strategies to achieve this high availability standard.
DevOps

Four-eyes Principle

Security measure requiring two individuals to approve or perform an action, reducing the risk of fraud or errors.
DevOps

Fpm

Tool to easily build packages such as rpms, debs, and more, simplifying the process of creating software packages for different systems.
DevOps

Full Stack Observability

Comprehensive visibility into all parts of a software system, from front-end to back-end.
DevOps

Function-as-a-Service (FaaS)

Cloud computing service that allows execution of code in response to events without complex infrastructure.
DevOps

Functional Testing

Type of testing that verifies that each function of the software application operates according to the specification.
DevOps

Functions as a Service

Cloud computing execution model where developers run and manage application functionalities without the complexity of building and maintaining infrastructure.
DevOps

Fuzz Testing

Automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program.
DevOps

Gain Privileges

Process or action of obtaining higher levels of access or permissions in a system.
DevOps

Ganglia

Scalable distributed monitoring system for high-performance computing systems such as clusters and grids.
DevOps

Gemba

Japanese term meaning "the actual place," used in management to emphasize the importance of direct observation.
DevOps

General Data Protection Regulation (GDPR)

EU law on data protection and privacy for all individuals within the European Union and the European Economic Area.
DevOps

Gift Card Fraud

Unauthorized or deceptive use of gift cards for financial gain, often involving stolen card numbers or exploitation of card systems.
DevOps

Git Branch

Lightweight movable pointer to a commit in Git version control, allowing for parallel development and experimentation.
DevOps

Git Repository

Storage location for a Git project, containing all the files and their revision history.
DevOps

GitHub

Web-based hosting service for version control using Git, offering collaboration features, code review, and integration with various development tools.
DevOps

GitHub Actions

GitHub's built-in continuous integration and continuous delivery (CI/CD) platform, allowing automated build, test, and deployment workflows.
DevOps

GitLab

Web-based DevOps lifecycle tool that provides a Git-repository manager with wiki, issue-tracking and CI/CD pipeline features.
DevOps

GitOps

Framework applying DevOps best practices like version control, collaboration, compliance, and CI/CD to infrastructure automation.
DevOps

GitOps Operator

Software agent that implements GitOps practices, reconciling the desired state in Git with the actual state of the system.
DevOps

Gitflow Workflow

Git workflow that defines a strict branching model designed around the project release.
DevOps

Gitlab CI

GitLab's built-in Continuous Integration/Continuous Deployment tool, allowing automated testing and deployment of code changes.
DevOps

GoCD

Open-source continuous delivery server to model and visualize complex workflows.
DevOps

Golden Image

Pre-configured template for a virtual machine, used to create standardized instances.
DevOps

Google App Engine

Platform as a Service for developing and hosting web applications in Google-managed data centers.
DevOps

Google Cloud Platform (GCP)

Suite of cloud computing services running on the same infrastructure that Google uses internally.
DevOps

Governance

The policies, controls, and standards to ensure compliance, security, and quality across the software delivery pipeline while maintaining agility and efficiency.
DevOps

Gradle

Powerful build automation tool that supports multi-language development and offers a flexible, plugin-based architecture for customization.
DevOps

Grafana

Open-source platform for monitoring and observability, allowing users to visualize, alert on, and understand metrics from various data sources.
DevOps

Graphite

Monitoring tool that stores numeric time-series data and renders graphs of this data on demand.
DevOps

HIPAA

Health Insurance Portability and Accountability Act; U.S. legislation that provides data privacy and security provisions for safeguarding medical information.
DevOps

HTTP Requests

Messages sent by clients to initiate actions on servers, forming the foundation of data communication on the World Wide Web.
DevOps

Hadoop Architecture

Framework that allows for the distributed processing of large data sets across clusters of computers.
DevOps

HashiCorp Vault

Tool for securely accessing secrets like API keys, passwords, and certificates, central to modern secret management strategies.
DevOps

Heartbeat Monitoring

Continuous monitoring of a system or service to check if it's operational, often used in high-availability setups.
DevOps

Helm Chart

Package format for defining, installing, and upgrading complex Kubernetes applications, simplifying the deployment process.
DevOps

Heroku

Cloud platform as a service (PaaS) supporting several programming languages, used for deploying, managing, and scaling modern apps.
DevOps

High Availability

Characteristic of a system designed to avoid loss of service by reducing or managing failures.
DevOps

Hybrid Cloud

Computing environment that uses a mix of on-premises, private cloud and third-party, public cloud services.
DevOps

Hypothesis-Driven Development

Approach where features are treated as experiments to validate business outcomes.
DevOps
@mention

@mention

A feature in Git platforms that allows users to notify specific team members or reference issues by using the @ symbol followed by a username.
API preview

API preview

A feature allowing developers to test and provide feedback on new Git API functionality before it's officially released.
Bare Repository

Bare Repository

A Git repository containing version control information without a working directory, typically used as a central repository for collaboration.
Bisect

Bisect

A Git command used to perform a binary search through a repository's history to identify the commit that introduced a bug or issue.
Bitbucket Pipelines

Bitbucket Pipelines

An integrated CI/CD service in Bitbucket for automating builds, tests, and deployments.
Blame

Blame

A Git feature that shows which user last modified each line of a file, helping developers trace changes and understand code history.
Blamestorming

Blamestorming

A collaborative process of analyzing Git blame information to identify the source of bugs or issues in a codebase.
Branch

Branch

A parallel version of a repository, allowing developers to work on different features or experiments without affecting the main codebase.
Branch policies

Branch policies

Rules enforced on Git branches to ensure code quality, require reviews, or restrict certain actions before merging.
Business plan

Business plan

A premium subscription tier offered by Git hosting services, providing advanced features and support for enterprise users.
CA certificate

CA certificate

A digital certificate issued by a Certificate Authority, used in Git to establish secure HTTPS connections and verify server identities.
Cache

Cache

A temporary storage area that holds frequently accessed data for quick retrieval, improving system performance.
Checkout

Checkout

A Git command used to switch between different branches or restore files from a specific commit in a repository's history.
Cherry-Pick

Cherry-Pick

A Git operation that applies the changes from a specific commit to the current branch, useful for selective code integration.
Cherry-picking

Cherry-picking

The practice of selecting and applying specific commits from one branch to another in Git, often used for targeted bug fixes.
Clone

Clone

The process of creating a local copy of a remote Git repository, allowing developers to work on the codebase independently.
Code owners file

Code owners file

A file specifying individuals or teams responsible for code in different parts of a repository.
Commit

Commit

Operation in version control systems that saves changes to the local repository, creating a new revision with a unique identifier.
Conflict

Conflict

A situation in Git where incompatible changes have been made to the same part of a file, requiring manual resolution before merging.
Continuous Integration

Continuous Integration

Practice of merging all developer working copies to a shared mainline several times a day.
DAG (Directed Acyclic Graph)

DAG (Directed Acyclic Graph)

Directed Acyclic Graph, the underlying data structure used by Git to represent the commit history and relationships between commits.
Detach HEAD

Detach HEAD

A Git operation that moves the HEAD pointer to a specific commit, allowing for temporary exploration of historical states.
Diff

Diff

A Git command or operation that shows the differences between two commits, branches, files, or other Git objects.
Downstream

Downstream

Refers to the direction of change propagation in Git, typically from a parent branch to its child branches or forks.
Explorer

Explorer

A feature in Git platforms for browsing repository contents, viewing files, and navigating through different branches.
Feature branch workflow

Feature branch workflow

A Git pattern where each new feature is developed in a dedicated branch, then merged back to the main branch.
Fetch

Fetch

A Git command that retrieves changes from a remote repository without automatically merging them into the local branch.
Force Push

Force Push

A Git push operation that overwrites the remote branch's history with the local branch, potentially causing data loss if used carelessly.
Fork

Fork

A personal copy of another user's repository on a Git hosting platform, allowing independent development without affecting the original project.
Free plan

Free plan

A no-cost tier offered by Git hosting services, typically with limited features and storage for individual users or small projects.
GPG (GNU Privacy Guard)

GPG (GNU Privacy Guard)

An encryption software used with Git for signing commits and tags, enhancing security and verification.
Gist

Gist

A simple way to share code snippets, notes, or small files using Git, often integrated into Git platforms.
Git

Git

Distributed version control system for tracking changes in source code during software development.
Git Alias

Git Alias

A custom shortcut command defined by users to simplify complex or frequently used Git operations.
Git Alternates

Git Alternates

A mechanism in Git allowing a repository to borrow objects from another repository, useful for saving disk space in large projects.
Git Annotate

Git Annotate

A Git command that shows the author and commit information for each line in a file, similar to the "blame" feature.
Git Assume Unchanged

Git Assume Unchanged

A Git feature that tells the system to temporarily ignore changes to a tracked file, useful for local configuration files.
Git Attributes

Git Attributes

A mechanism in Git for defining attributes on a per-path basis, controlling how Git handles certain files or directories.
Git Bisect

Git Bisect

A Git command used to perform a binary search through the commit history to find the commit that introduced a bug.
Git Bisect Run

Git Bisect Run

An automated version of Git Bisect that uses a script to determine if each checked-out commit is "good" or "bad".
Git Blame -C (Copy Detection)

Git Blame -C (Copy Detection)

An enhanced version of Git Blame that detects lines moved or copied from other files, providing better change tracking.
Git Bundle

Git Bundle

A Git command that creates a single file containing all the data needed to recreate a repository's branch or history.
Git Bundle Create/Verify

Git Bundle Create/Verify

Commands to create and verify Git bundles, useful for transferring repository data without using a network.
Git Cheat Sheet

Git Cheat Sheet

A quick reference guide summarizing common Git commands and their usage, helpful for both beginners and experienced users.
Git Cherry

Git Cherry

A Git command used to find commits that haven't been merged upstream, useful for identifying changes to be applied to another branch.
Git Clean

Git Clean

A command to remove untracked files from the working directory, helping to maintain a clean repository state.
Git Commit --amend

Git Commit --amend

A command that allows you to modify the most recent commit, adding new changes or updating the commit message.
Git Commit Amend

Git Commit Amend

A command that allows you to modify the most recent commit, changing its message or contents, and update it without creating a new commit.
Git Commit Hooks

Git Commit Hooks

Scripts that run automatically before or after a commit, allowing you to enforce rules, format code, or perform checks on changes.
Git Commit Templates

Git Commit Templates

Predefined structures for commit messages, helping maintain consistency and include necessary information in commits.
Git Commit Trailers

Git Commit Trailers

Metadata added to the end of commit messages, often used for things like issue references or sign-offs.
Git Commit-graph

Git Commit-graph

A file format used to store commit graph structure, improving performance for operations that traverse commit history.
Git Commit-graph Verify

Git Commit-graph Verify

A command to check the integrity and validity of the commit-graph file in a Git repository.
Git Commit-tree

Git Commit-tree

A low-level Git command used to create a new commit object from an existing tree object.
Git Config

Git Config

A command and system for setting configuration options for Git on a global, local, or repository level.
Git Count-objects

Git Count-objects

A diagnostic command that provides statistics about the number and size of objects in a Git repository.
Git Credential Helper

Git Credential Helper

A system that securely stores and retrieves credentials for Git operations, reducing the need for manual authentication.
Git Daemon

Git Daemon

A lightweight server for the Git protocol, allowing anonymous read access to Git repositories.
Git Dangling Objects

Git Dangling Objects

Objects in Git that are not reachable from any reference, often created during rebasing or other history-altering operations.
Git Describe

Git Describe

A command that generates a human-readable name for a commit based on the most recent tag and additional commit information.
Git Diff

Git Diff

A command that shows changes between commits, branches, files, or the working directory and the index.
Git Diff Algorithms

Git Diff Algorithms

Various methods used by Git to compute differences between versions of files, optimizing for different scenarios.
Git Diff Tool

Git Diff Tool

An external program or interface used to visualize differences between files or commits in a more user-friendly manner.
Git Fetch --All

Git Fetch --All

A command that fetches updates from all remote repositories configured in a Git project.
Git Filter-branch

Git Filter-branch

A powerful tool for rewriting Git history, allowing for large-scale changes across many commits.
Git Flow

Git Flow

A branching model for Git that defines a strict branching structure designed to support multiple parallel developments.
Git Fork

Git Fork

The process of creating a personal copy of someone else's project, allowing for independent development without affecting the original.
Git Fsck

Git Fsck

A command that verifies the connectivity and validity of objects in the Git database.
Git Fsck (File System Check)

Git Fsck (File System Check)

Verifies the integrity of objects in the Git database, checking for corruption and inconsistencies.
Git GPG verification

Git GPG verification

A security feature in Git that uses GPG to sign and verify commits and tags, ensuring authenticity.
Git Garbage Collection (gc)

Git Garbage Collection (gc)

A process that optimizes the Git repository by removing unnecessary files and compressing objects.
Git Gc (Garbage Collection)

Git Gc (Garbage Collection)

Short for Git Garbage Collection, a command to clean up unnecessary files and optimize the repository.
Git Grep

Git Grep

A command for searching files in a Git repository using regular expressions or simple string matching.
Git Hook

Git Hook

A script that Git automatically runs before or after specific events, like commits or merges, to customize workflows and enforce rules.
Git Hooks

Git Hooks

Same as Git Hook, scripts triggered by various Git actions to automate tasks or enforce policies.
Git Ignore

Git Ignore

A mechanism to specify intentionally untracked files that Git should ignore, typically defined in a .gitignore file.
Git Index Format

Git Index Format

The internal format used by Git to store the staging area information, representing the next commit to be made.
Git Init

Git Init

A command used to initialize a new Git repository, creating the necessary directory structure for version control.
Git Interactive Rebase

Git Interactive Rebase

A feature allowing users to modify commits in their branch history, useful for cleaning up before merging.
Git Internals (objects, refs, etc.)

Git Internals (objects, refs, etc.)

The underlying data structures and mechanisms Git uses to store and manage version control information.
Git Interpret-trailers

Git Interpret-trailers

A command to parse and manipulate the trailer lines typically found at the end of commit messages.
Git LFS (Large File Storage)

Git LFS (Large File Storage)

A system that manages large files by storing them outside the main repository, replacing them with lightweight pointers to improve performance and efficiency.
Git Large File Storage (LFS)

Git Large File Storage (LFS)

An extension that replaces large files with text pointers in Git, while storing the file contents on a remote server.
Git Log

Git Log

A command to display the commit history of a repository, showing details like author, date, and commit message.
Git Maintenance

Git Maintenance

A set of tasks performed to keep a Git repository in good condition, including garbage collection and optimization.
Git Merge Strategies

Git Merge Strategies

Different algorithms used by Git to combine separate development histories when merging branches.
Git Merge Tools

Git Merge Tools

External programs or interfaces used to resolve merge conflicts in a more visual and user-friendly manner.
Git Merge-base

Git Merge-base

A command that finds the best common ancestor between two commits, useful for determining the point where branches diverged.
Git Multi-pack Index (MIDX)

Git Multi-pack Index (MIDX)

A feature that improves performance for repositories with many pack files by creating an index across multiple packs.
Git Namespaces

Git Namespaces

A feature allowing multiple references (like branches or tags) with the same name to coexist by separating them into different namespaces.
Git Notes

Git Notes

A way to add or inspect object notes, allowing additional information to be attached to Git objects without changing their SHA-1 hash.
Git Object Storage

Git Object Storage

The system Git uses to store all the versions of files, commits, and other objects in a content-addressable filesystem.
Git Pack Files

Git Pack Files

Compressed files containing Git objects, used to efficiently store and transfer repository data.
Git Packfile Format

Git Packfile Format

The internal format used by Git to store multiple objects efficiently in a single file, reducing disk usage and improving performance.
Git Partial Clone

Git Partial Clone

A feature allowing users to clone a repository without downloading all of its objects, saving bandwidth and storage.
Git Patch

Git Patch

A file format representing changes between versions, used for sharing and applying modifications across different repositories.
Git Plumbing Commands

Git Plumbing Commands

Low-level Git commands that expose the internal workings of Git, primarily used for scripting and advanced operations.
Git Porcelain Commands

Git Porcelain Commands

User-friendly commands for everyday tasks, like git status and git commit, designed for ease of use and clear output.
Git Protocol

Git Protocol

The native network protocol used by Git for efficient data transfer between repositories.
Git Prune

Git Prune

A command that removes objects that are no longer reachable from any references in the repository.

Workflows as Code

Defining and managing complex business processes using code in cloud environments.

Workload Placement Optimization

Techniques for efficiently distributing applications and data across cloud resources.

Workload Portability

Ability to move applications and data between different cloud environments with minimal modifications.

Workload-Aware Data Placement

Optimizing data storage location based on application requirements in cloud environments.

Zero Trust Network Access (ZTNA)

Security model that requires strict identity verification for every person and device accessing cloud resources.

Zero Trust Security Model

Approach assuming no automatic trust, requiring continuous verification in cloud environments.

Zero UI Cloud Interactions

Interfacing with cloud services through ambient intelligence, without traditional user interfaces.

Zero-Knowledge Proof Services

Cloud-based cryptographic methods allowing data verification without revealing the data itself.

Zero-Knowledge Proof Systems

Cryptographic protocols enabling data verification without disclosing the actual data in cloud environments.

Zero-Trust Microsegmentation

Fine-grained network segmentation approach in cloud environments, limiting lateral movement of threats.

Zero-Trust Network Access (ZTNA)

Security framework requiring strict authentication and authorization for all cloud network access.

Zoned Namespaces (ZNS) SSDs

Storage devices optimized for cloud workloads, improving performance and reducing write amplification.

eBPF (extended Berkeley Packet Filter)

Technology for running sandboxed programs in the Linux kernel, often used in cloud environments.

eBPF-based Networking

Using eBPF technology to enhance network performance and security in cloud environments.

Scheduling Framework

Kubernetes component allowing plugins to customize the scheduling process without changing the core scheduler code.

Scheduling Plugins

Modular components in Kubernetes scheduler implementing specific scheduling behaviors and policies.

Scheduling Profiles

Configurations defining sets of scheduling plugins to be used for different scheduling scenarios in Kubernetes.

Seccomp BPF

Use of Berkeley Packet Filter programs to define fine-grained seccomp profiles for container security.

Seccomp Profiles

Security profiles defining allowed system calls for containers, enhancing isolation and reducing attack surface.

Secret

Kubernetes object for storing and managing sensitive information such as passwords, tokens, or keys.

Secrets Management

Process of securely storing, distributing, and rotating sensitive data in containerized environments.

Secure Computing Mode (seccomp)

Linux kernel feature limiting the system calls a process can make, often used to secure containers.

Secure Supply Chain

Practices ensuring the integrity and security of container images and their dependencies throughout the development lifecycle.

Security Context Constraint

OpenShift object defining a set of conditions that a pod must run with to be accepted into the system.

Security Context Constraints

OpenShift feature for fine-grained control over the actions containers can perform and the resources they can access.

Security Scanning in CI Pipeline

Integration of vulnerability and compliance scans into the continuous integration process for container images.

Serverless Frameworks

Tools and platforms for building and deploying serverless applications on container orchestration systems.

Serverless Observability

Techniques and tools for monitoring, tracing, and debugging serverless functions and applications.

Serverless Patterns

Architectural patterns for designing and implementing serverless applications in containerized environments.

Serverless Security

Practices and tools for securing serverless functions and applications in container-based infrastructures.

Serverless Workflows

Orchestration of multiple serverless functions to create complex, event-driven applications.

Service

Kubernetes abstraction defining a logical set of pods and a policy by which to access them.

Service Account Token Volume Projection

Kubernetes feature for securely delivering service account tokens to pods, enhancing security.

Service Account Tokens

Credentials automatically generated for pods to authenticate with the Kubernetes API server.

Service Discovery Pattern

Technique allowing services to locate and communicate with each other dynamically in containerized environments.

Service Mesh Control Plane

Component of a service mesh responsible for managing and configuring the data plane proxies.

Service Mesh Data Plane

Component of a service mesh consisting of proxies that intercept and control service-to-service communication.

Service Mesh Interface (SMI)

Specification defining a set of common APIs for service meshes on Kubernetes, promoting interoperability.

Service Mesh Pattern

Architectural pattern providing a dedicated infrastructure layer for handling service-to-service communication.

Service Mesh Performance (SMP)

Standard for measuring and characterizing the performance of service mesh deployments, aiding in optimization.

Service Monitors

Custom resources in Prometheus Operator for declaratively defining how services should be monitored.

Service Networking

Mechanisms and configurations for enabling network communication between services in container orchestration platforms.

Service Topology

Kubernetes feature allowing services to route traffic based on node topology for improved performance.

Service-to-Service Authentication

Process of verifying the identity of services communicating with each other in a containerized environment.

ServiceAccount

Kubernetes object providing an identity for processes running in a pod, used for authentication and authorization.

Sharding Pattern for Data Partitioning

Technique of dividing data across multiple database instances in containerized environments.

Sidecar Containers

Additional containers in a pod that enhance or extend the functionality of the main container.

Sidecar Pattern

Design pattern where a sidecar container is deployed alongside the main application container to provide supporting features.

Sidecar Proxy

Proxy container deployed alongside application containers to handle network traffic and implement service mesh functionality.

Sidecars for Service Mesh

Use of sidecar proxies to implement service mesh features like traffic management and security in Kubernetes.

SigNoz

Open-source application performance monitoring and observability platform for microservices and Kubernetes environments.

Skaffold

Tool facilitating continuous development for Kubernetes applications, handling building, pushing, and deploying application code.

Skaffold for Local Kubernetes Development

Use of Skaffold to streamline the development workflow for Kubernetes applications in local environments.

Snyk Container Security

Platform providing vulnerability scanning and security management for container images and Kubernetes deployments.

Software-Defined Networking (SDN)

Approach to network management enabling dynamic, programmatically efficient network configuration in container environments.

Source-to-Image (S2I)

Tool and workflow for building reproducible container images from source code, simplifying the build process.

Spinnaker

Open-source, multi-cloud continuous delivery platform for releasing software changes with high velocity and confidence.

Splunk for Containers

Integration of Splunk's data platform with containerized environments for logging, monitoring, and analysis.

StackRox Kubernetes Security Platform

Security platform providing vulnerability management, compliance, and runtime protection for Kubernetes.

Stateful Applications in Containers

Containerized applications that maintain data or state, requiring special considerations for persistence and scaling.

StatefulSet

Kubernetes workload API object used to manage stateful applications, providing unique network identities and stable storage.

StatefulSet Patterns

Design patterns for deploying and managing stateful applications in Kubernetes using StatefulSets.

Static Pods

Pods managed directly by the kubelet on a specific node, without the API server observing them.

Static Provisioning

Process of pre-creating storage resources in Kubernetes before they are claimed by persistent volume claims.

Static Token File

File-based method for providing authentication tokens to the Kubernetes API server, useful for bootstrap authentication.

Status Subresource

Kubernetes API feature allowing updates to an object's status without modifying its spec, enabling more granular updates.

Storage Capacity Tracking

Kubernetes feature for making scheduling decisions based on the available storage capacity of nodes.

Storage Classes

Kubernetes objects defining different classes of storage with varying performance characteristics or policies.

StorageClass

Kubernetes object describing the "classes" of storage offered by the administrator, used for dynamic provisioning.

StorageOS

Software-defined storage for cloud-native applications, providing persistent storage for containers.

Strangler Fig Pattern for Modernization

Incremental approach to modernizing legacy applications by gradually replacing components with microservices.

Streaming Protocols

Network protocols optimized for real-time data transmission in containerized environments.

SubPath

Kubernetes volume feature allowing mounting a specific directory of a volume instead of its root.

Submariner for Multi-cluster Networking

Open-source project enabling direct networking between pods and services across Kubernetes clusters.

Subresources

Kubernetes API feature representing sub-components of a resource, allowing more granular access control and operations.

SuperEdge

Open-source container management system for edge computing, extending Kubernetes to manage edge nodes efficiently.

Sysdig Secure for Runtime Protection

Security platform providing real-time threat detection and response for containerized environments.

TUF (The Update Framework) for Secure Updates

Specification for securing software update systems, applicable to container image distribution.

Taints

Kubernetes node attributes that repel certain pods from scheduling unless they have matching tolerations.

Taints and Tolerations

Kubernetes mechanism for controlling which pods can be scheduled on specific nodes, enabling node specialization.

Tekton

Cloud-native CI/CD framework for Kubernetes, providing custom resources for defining pipelines and tasks.

Tekton Pipelines

Kubernetes-native CI/CD solution using custom resources to define pipelines as a series of tasks.

Telepresence for Local Development

Tool allowing developers to run a single service locally while connecting to a remote Kubernetes cluster.

Tenable.io Container Security

Platform providing vulnerability management and compliance monitoring for container images and registries.

Tenant Isolation

Techniques for separating and securing resources belonging to different users or groups in multi-tenant Kubernetes clusters.

Terrascan for Kubernetes Security Scanning

Open-source tool for static code analysis of Infrastructure as Code, including Kubernetes manifests.

Thanos

Open-source project extending Prometheus for long-term storage and global query view in large-scale deployments.

Thanos for Long-Term Storage

Use of Thanos to provide durable storage and global query capability for Prometheus metrics.

Throttling Pattern

Technique for limiting the rate at which a containerized service processes requests to prevent overload.

Tilt for Microservices Development

Development environment as code for teams building Kubernetes microservices, streamlining local development.

Timeout Configuration

Settings controlling the maximum duration for various operations in containerized applications and infrastructure.

Tolerations

Kubernetes pod specifications that allow (but do not require) pods to be scheduled on nodes with matching taints.

Topology Manager

Kubernetes feature coordinating resource allocation decisions to provide topology-aligned resource allocations.

Traffic Mirroring

Technique of duplicating live traffic to a separate service instance for testing or debugging purposes.

Traffic Shifting

Gradual redirection of traffic from one version of a service to another, often used in canary deployments.

Traffic Splitting

Distribution of incoming requests across multiple versions of a service, enabling advanced deployment strategies.

Trivy for Vulnerability Scanning

Open-source security scanner for containers and other artifacts, finding vulnerabilities and misconfigurations.

Twelve-Factor App Methodology

Set of best practices for building software-as-a-service apps that can be easily deployed to the cloud.

Twistlock

Container security platform providing vulnerability management, compliance, and runtime protection (now part of Prisma Cloud).

Twistlock (now Prisma Cloud)

Comprehensive cloud-native security platform for containers, serverless, and cloud environments.

Underlay Networks

Physical network infrastructure upon which overlay networks for container communication are built.

Unikernels as Container Alternatives

Specialized, single-purpose machine images offering potential advantages in size and security over containers.

Union File System

Filesystem service for Linux allowing files and directories of separate filesystems to be overlaid, forming a single coherent filesystem.

User Impersonation

Kubernetes feature allowing a user to act as another user, useful for debugging and testing access controls.

User Namespaces

Linux kernel feature providing per-process isolated instances of user and group ID number spaces.

VXLAN

Network virtualization technology used in container networking for creating overlay networks.

VXLAN Overlay Networks

Virtual networks using VXLAN encapsulation to enable container communication across hosts.

Valet Key Pattern for Secure Resource Access

Design pattern for providing clients with restricted direct access to a specific resource or service.

Validating Webhooks

Admission controller webhooks in Kubernetes that validate resource requests without modifying them.

Validation Webhooks

Kubernetes admission control mechanism for validating API requests against custom logic before persistence.

Velero for Backup and Restore

Open-source tool for backing up and restoring Kubernetes cluster resources and persistent volumes.

Version Skew Policy

Guidelines defining supported version differences between Kubernetes components to ensure compatibility.

Vertical Pod Autoscaler

Kubernetes component that automatically adjusts the CPU and memory reservations for pods to optimize resource utilization.

Vertical Pod Autoscaler Metrics

Resource utilization data used by VPA to make decisions on adjusting pod resource allocations.